1 /* $NetBSD: identd.c,v 1.18 2003/05/17 21:24:38 itojun Exp $ */ 2 3 /* 4 ** identd.c A TCP/IP link identification protocol server 5 ** 6 ** This program is in the public domain and may be used freely by anyone 7 ** who wants to. 8 ** 9 ** Last update: 7 Oct 1993 10 ** 11 ** Please send bug fixes/bug reports to: Peter Eriksson <pen@lysator.liu.se> 12 */ 13 14 #if defined(IRIX) || defined(SVR4) || defined(NeXT) || (defined(sco) && sco >= 42) || defined(_AIX4) || defined(__NetBSD__) || defined(__FreeBSD__) || defined(ultrix) 15 # define SIGRETURN_TYPE void 16 # define SIGRETURN_TYPE_IS_VOID 17 #else 18 # define SIGRETURN_TYPE int 19 #endif 20 21 #ifdef SVR4 22 # define STRNET 23 #endif 24 25 #ifdef NeXT31 26 # include <libc.h> 27 #endif 28 29 #ifdef sco 30 # define USE_SIGALARM 31 #endif 32 33 #include <stdio.h> 34 #include <ctype.h> 35 #include <errno.h> 36 #include <netdb.h> 37 #include <signal.h> 38 #include <fcntl.h> 39 #include <poll.h> 40 41 #include <sys/types.h> 42 #include <sys/param.h> 43 #include <sys/ioctl.h> 44 #include <sys/socket.h> 45 #ifndef _AUX_SOURCE 46 # include <sys/file.h> 47 #endif 48 #include <sys/time.h> 49 #include <sys/wait.h> 50 51 #include <pwd.h> 52 #include <grp.h> 53 54 #include <netinet/in.h> 55 56 #ifndef HPUX7 57 # include <arpa/inet.h> 58 #endif 59 60 #if defined(MIPS) || defined(BSD43) 61 extern int errno; 62 #endif 63 64 #if defined(SOLARIS) || defined(__NetBSD__) || defined(__FreeBSD__) || defined(__linux__) || defined(_AIX) 65 # include <unistd.h> 66 # include <stdlib.h> 67 # include <string.h> 68 #endif 69 70 #include "identd.h" 71 #include "error.h" 72 #include "paths.h" 73 74 75 /* Antique unixes do not have these things defined... */ 76 #ifndef FD_SETSIZE 77 # define FD_SETSIZE 256 78 #endif 79 80 #ifndef FD_SET 81 # ifndef NFDBITS 82 # define NFDBITS (sizeof(int) * NBBY) /* bits per mask */ 83 # endif 84 # define FD_SET(n, p) ((p)->fds_bits[(n)/NFDBITS] |= (1 << ((n) % NFDBITS))) 85 #endif 86 87 #ifndef FD_ZERO 88 # define FD_ZERO(p) bzero((char *)(p), sizeof(*(p))) 89 #endif 90 91 92 char *path_unix = (char *) NULL; 93 char *path_kmem = (char *) NULL; 94 95 int verbose_flag = 0; 96 int debug_flag = 0; 97 int syslog_flag = 0; 98 int multi_flag = 0; 99 int other_flag = 0; 100 int unknown_flag = 0; 101 int noident_flag = 0; 102 int crypto_flag = 0; 103 int liar_flag = 0; 104 105 int lport = 0; 106 int fport = 0; 107 108 char *charset_name = (char *) NULL; 109 char *indirect_host = (char *) NULL; 110 char *indirect_password = (char *) NULL; 111 char *lie_string = (char *) NULL; 112 113 #ifdef ALLOW_FORMAT 114 int format_flag = 0; 115 char *format = "%u"; 116 #endif 117 118 static int child_pid; 119 120 #ifdef LOG_DAEMON 121 static int syslog_facility = LOG_DAEMON; 122 #endif 123 124 static int comparemem __P((void *, void *, int)); 125 char *clearmem __P((void *, int)); 126 static SIGRETURN_TYPE child_handler __P((int)); 127 int main __P((int, char *[])); 128 129 /* 130 ** The structure passing convention for GCC is incompatible with 131 ** Suns own C compiler, so we define our own inet_ntoa() function. 132 ** (This should only affect GCC version 1 I think, a well, this works 133 ** for version 2 also so why bother.. :-) 134 */ 135 #if defined(__GNUC__) && defined(__sparc__) && !defined(NeXT) 136 137 #ifdef inet_ntoa 138 #undef inet_ntoa 139 #endif 140 141 char *inet_ntoa(ad) 142 struct in_addr ad; 143 { 144 unsigned long int s_ad; 145 int a, b, c, d; 146 static char addr[20]; 147 148 s_ad = ad.s_addr; 149 d = s_ad % 256; 150 s_ad /= 256; 151 c = s_ad % 256; 152 s_ad /= 256; 153 b = s_ad % 256; 154 a = s_ad / 256; 155 snprintf(addr, sizeof(addr), "%d.%d.%d.%d", a, b, c, d); 156 157 return addr; 158 } 159 #endif 160 161 static int comparemem(vp1, vp2, len) 162 void *vp1; 163 void *vp2; 164 int len; 165 { 166 unsigned char *p1 = (unsigned char *) vp1; 167 unsigned char *p2 = (unsigned char *) vp2; 168 int c; 169 170 while (len-- > 0) 171 if ((c = (int) *p1++ - (int) *p2++) != 0) 172 return c; 173 174 return 0; 175 } 176 177 /* 178 ** Return the name of the connecting host, or the IP number as a string. 179 */ 180 char *gethost(addr) 181 struct in_addr *addr; 182 { 183 int i; 184 struct hostent *hp; 185 186 187 hp = gethostbyaddr((char *) addr, sizeof(struct in_addr), AF_INET); 188 if (hp) 189 { 190 char *hname = strdup(hp->h_name); 191 192 if (! hname) { 193 syslog(LOG_ERR, "strdup(%s): %m", hp->h_name); 194 exit(1); 195 } 196 /* Found a IP -> Name match, now try the reverse for security reasons */ 197 hp = gethostbyname(hname); 198 (void) free(hname); 199 if (hp) 200 #ifdef h_addr 201 for (i = 0; hp->h_addr_list[i]; i++) 202 if (comparemem(hp->h_addr_list[i], 203 (unsigned char *) addr, 204 (int) sizeof(struct in_addr)) == 0) 205 return (char *) hp->h_name; 206 #else 207 if (comparemem(hp->h_addr, addr, sizeof(struct in_addr)) == 0) 208 return hp->h_name; 209 #endif 210 } 211 212 return inet_ntoa(*addr); 213 } 214 215 #ifdef USE_SIGALARM 216 /* 217 ** Exit cleanly after our time's up. 218 */ 219 static SIGRETURN_TYPE 220 alarm_handler(int s) 221 { 222 if (syslog_flag) 223 syslog(LOG_DEBUG, "SIGALRM triggered, exiting"); 224 225 exit(0); 226 } 227 #endif 228 229 230 #if !defined(hpux) && !defined(__hpux) && !defined(SVR4) && \ 231 !defined(_CRAY) && !defined(sco) && !defined(LINUX) 232 /* 233 ** This is used to clean up zombie child processes 234 ** if the -w or -b options are used. 235 */ 236 static SIGRETURN_TYPE 237 child_handler(dummy) 238 int dummy; 239 { 240 #if defined(NeXT) || (defined(__sgi) && defined(__SVR3)) 241 union wait status; 242 #else 243 int status; 244 #endif 245 int saved_errno = errno; 246 247 while (wait3(&status, WNOHANG, NULL) > 0) 248 ; 249 250 errno = saved_errno; 251 252 #ifndef SIGRETURN_TYPE_IS_VOID 253 return 0; 254 #endif 255 } 256 #endif 257 258 259 char *clearmem(vbp, len) 260 void *vbp; 261 int len; 262 { 263 char *bp = (char *) vbp; 264 char *cp; 265 266 cp = bp; 267 while (len-- > 0) 268 *cp++ = 0; 269 270 return bp; 271 } 272 273 274 /* 275 ** Main entry point into this daemon 276 */ 277 int main(argc,argv) 278 int argc; 279 char *argv[]; 280 { 281 int i, len; 282 struct sockaddr_in sin; 283 struct in_addr laddr, faddr; 284 int one = 1; 285 286 int background_flag = 0; 287 int timeout = 0; 288 char *portno = "113"; 289 char *bind_address = (char *) NULL; 290 int set_uid = 0; 291 int set_gid = 0; 292 int inhibit_default_config = 0; 293 int opt_count = 0; /* Count of option flags */ 294 295 #ifdef __convex__ 296 argc--; /* get rid of extra argument passed by inetd */ 297 #endif 298 299 300 if (isatty(0)) 301 background_flag = 1; 302 303 /* 304 ** Prescan the arguments for "-f<config-file>" switches 305 */ 306 inhibit_default_config = 0; 307 for (i = 1; i < argc && argv[i][0] == '-'; i++) 308 if (argv[i][1] == 'f') 309 inhibit_default_config = 1; 310 311 /* 312 ** Parse the default config file - if it exists 313 */ 314 if (!inhibit_default_config) 315 parse_config(NULL, 1); 316 317 /* 318 ** Parse the command line arguments 319 */ 320 for (i = 1; i < argc && argv[i][0] == '-'; i++) { 321 opt_count++; 322 switch (argv[i][1]) 323 { 324 case 'b': /* Start as standalone daemon */ 325 background_flag = 1; 326 break; 327 328 case 'w': /* Start from Inetd, wait mode */ 329 background_flag = 2; 330 break; 331 332 case 'i': /* Start from Inetd, nowait mode */ 333 background_flag = 0; 334 break; 335 336 case 't': 337 timeout = atoi(argv[i]+2); 338 break; 339 340 case 'p': 341 portno = argv[i]+2; 342 break; 343 344 case 'a': 345 bind_address = argv[i]+2; 346 break; 347 348 case 'u': 349 if (isdigit(argv[i][2])) 350 set_uid = atoi(argv[i]+2); 351 else 352 { 353 struct passwd *pwd; 354 355 pwd = getpwnam(argv[i]+2); 356 if (!pwd) 357 ERROR1("no such user (%s) for -u option", argv[i]+2); 358 else 359 { 360 set_uid = pwd->pw_uid; 361 set_gid = pwd->pw_gid; 362 } 363 } 364 break; 365 366 case 'g': 367 if (isdigit(argv[i][2])) 368 set_gid = atoi(argv[i]+2); 369 else 370 { 371 struct group *grp; 372 373 grp = getgrnam(argv[i]+2); 374 if (!grp) 375 ERROR1("no such group (%s) for -g option", argv[i]+2); 376 else 377 set_gid = grp->gr_gid; 378 } 379 break; 380 381 case 'c': 382 charset_name = argv[i]+2; 383 break; 384 385 case 'r': 386 indirect_host = argv[i]+2; 387 break; 388 389 case 'l': /* Use the Syslog daemon for logging */ 390 syslog_flag++; 391 break; 392 393 case 'o': 394 other_flag = 1; 395 break; 396 397 case 'e': 398 unknown_flag = 1; 399 break; 400 401 case 'V': /* Give version of this daemon */ 402 printf("[in.identd, version %s]\r\n", version); 403 exit(0); 404 break; 405 406 case 'v': /* Be verbose */ 407 verbose_flag++; 408 break; 409 410 case 'd': /* Enable debugging */ 411 debug_flag++; 412 break; 413 414 case 'm': /* Enable multiline queries */ 415 multi_flag++; 416 break; 417 418 case 'N': /* Enable users ".noident" files */ 419 noident_flag++; 420 break; 421 422 #ifdef INCLUDE_CRYPT 423 case 'C': /* Enable encryption. */ 424 { 425 FILE *keyfile; 426 427 if (argv[i][2]) 428 keyfile = fopen(argv[i]+2, "r"); 429 else 430 keyfile = fopen(PATH_DESKEY, "r"); 431 432 if (keyfile == NULL) 433 { 434 ERROR("cannot open key file for option -C"); 435 } 436 else 437 { 438 char buf[1024]; 439 440 if (fgets(buf, 1024, keyfile) == NULL) 441 { 442 ERROR("cannot read key file for option -C"); 443 } 444 else 445 { 446 init_encryption(buf); 447 crypto_flag++; 448 } 449 fclose(keyfile); 450 } 451 } 452 break; 453 #endif 454 455 #ifdef ALLOW_FORMAT 456 case 'n': /* Compatibility flag - just send the user number */ 457 format_flag = 1; 458 format = "%U"; 459 break; 460 461 case 'F': /* Output format */ 462 format_flag = 1; 463 format = argv[i]+2; 464 break; 465 #endif 466 467 case 'L': /* lie brazenly */ 468 liar_flag = 1; 469 if (*(argv[i]+2) != '\0') 470 lie_string = argv[i]+2; 471 else 472 #ifdef DEFAULT_LIE_USER 473 lie_string = DEFAULT_LIE_USER; 474 #else 475 ERROR("-L specified with no user name"); 476 #endif 477 break; 478 479 default: 480 ERROR1("Bad option %s", argv[i]); 481 break; 482 } 483 } 484 485 #if defined(_AUX_SOURCE) || defined (SUNOS35) 486 /* A/UX 2.0* & SunOS 3.5 calls us with an argument XXXXXXXX.YYYY 487 ** where XXXXXXXXX is the hexadecimal version of the callers 488 ** IP number, and YYYY is the port/socket or something. 489 ** It seems to be impossible to pass arguments to a daemon started 490 ** by inetd. 491 ** 492 ** Just in case it is started from something else, then we only 493 ** skip the argument if no option flags have been seen. 494 */ 495 if (opt_count == 0) 496 argc--; 497 #endif 498 499 /* 500 ** Path to kernel namelist file specified on command line 501 */ 502 if (i < argc) 503 path_unix = argv[i++]; 504 505 /* 506 ** Path to kernel memory device specified on command line 507 */ 508 if (i < argc) 509 path_kmem = argv[i++]; 510 511 512 if (i < argc) 513 ERROR1("Too many arguments: ignored from %s", argv[i]); 514 515 516 /* 517 ** We used to call k_open here. But then the file descriptor 518 ** kd->fd open on /dev/kmem is shared by all child processes. 519 ** From the fork(2) man page: 520 ** o The child process has its own copy of the parent's descriptors. These 521 ** descriptors reference the same underlying objects. For instance, file 522 ** pointers in file objects are shared between the child and the parent 523 ** so that an lseek(2) on a descriptor in the child process can affect a 524 ** subsequent read(2) or write(2) by the parent. 525 ** Thus with concurrent (simultaneous) identd client processes, 526 ** they step on each other's toes when they use kvm_read. 527 ** 528 ** Calling k_open here was a mistake for another reason too: we 529 ** did not yet honor -u and -g options. Presumably we are 530 ** running as root (unless the in.identd file is setuid), and 531 ** then we can open kmem regardless of -u and -g values. 532 ** 533 ** 534 ** Open the kernel memory device and read the nlist table 535 ** 536 ** if (k_open() < 0) 537 ** ERROR("main: k_open"); 538 */ 539 540 /* 541 ** Do the special handling needed for the "-b" flag 542 */ 543 if (background_flag == 1) 544 { 545 struct sockaddr_in addr; 546 struct servent *sp; 547 int fd; 548 549 550 if (!debug_flag) 551 { 552 if (fork()) 553 exit(0); 554 555 close(0); 556 close(1); 557 close(2); 558 559 if (fork()) 560 exit(0); 561 } 562 563 fd = socket(AF_INET, SOCK_STREAM, 0); 564 if (fd == -1) 565 ERROR("main: socket"); 566 567 if (fd != 0) 568 dup2(fd, 0); 569 570 clearmem((void *) &addr, (int) sizeof(addr)); 571 572 addr.sin_family = AF_INET; 573 if (bind_address == (char *) NULL) 574 addr.sin_addr.s_addr = htonl(INADDR_ANY); 575 else 576 { 577 if (isdigit(bind_address[0])) 578 addr.sin_addr.s_addr = inet_addr(bind_address); 579 else 580 { 581 struct hostent *hp; 582 583 hp = gethostbyname(bind_address); 584 if (!hp) 585 ERROR1("no such address (%s) for -a switch", bind_address); 586 587 /* This is ugly, should use memcpy() or bcopy() but... */ 588 addr.sin_addr.s_addr = * (unsigned long *) (hp->h_addr); 589 } 590 } 591 592 if (isdigit(portno[0])) 593 addr.sin_port = htons(atoi(portno)); 594 else 595 { 596 sp = getservbyname(portno, "tcp"); 597 if (sp == (struct servent *) NULL) 598 ERROR1("main: getservbyname: %s", portno); 599 addr.sin_port = sp->s_port; 600 } 601 602 #ifdef SO_REUSEADDR 603 setsockopt(0, SOL_SOCKET, SO_REUSEADDR, (void *) &one, sizeof(one)); 604 #endif 605 606 if (bind(0, (struct sockaddr *) &addr, sizeof(addr)) < 0) 607 ERROR("main: bind"); 608 } 609 610 if (background_flag) 611 { 612 if (listen(0, 3) < 0) 613 ERROR("main: listen"); 614 } 615 616 if (set_gid) 617 { 618 if (setgid(set_gid) == -1) 619 ERROR("main: setgid"); 620 /* Call me paranoid... PSz */ 621 if (getgid() != set_gid) 622 ERROR2("main: setgid failed: wanted %d, got GID %d", set_gid, getgid()); 623 if (getegid() != set_gid) 624 ERROR2("main: setgid failed: wanted %d, got EGID %d", set_gid, getegid()); 625 } 626 627 if (set_uid) 628 { 629 if (setuid(set_uid) == -1) 630 ERROR("main: setuid"); 631 /* Call me paranoid... PSz */ 632 if (getuid() != set_uid) 633 ERROR2("main: setuid failed: wanted %d, got UID %d", set_uid, getuid()); 634 if (geteuid() != set_uid) 635 ERROR2("main: setuid failed: wanted %d, got EUID %d", set_uid, geteuid()); 636 } 637 638 if (syslog_flag) { 639 #ifdef LOG_DAEMON 640 openlog("identd", LOG_PID, syslog_facility); 641 #else 642 openlog("identd", LOG_PID); 643 #endif 644 } 645 (void)getpwnam("xyzzy"); 646 (void)gethostbyname("xyzzy"); 647 648 /* 649 ** Do some special handling if the "-b" or "-w" flags are used 650 */ 651 if (background_flag) 652 { 653 int nfds, fd; 654 struct pollfd set[1]; 655 struct sockaddr sad; 656 int sadlen; 657 658 659 /* 660 ** Set up the SIGCHLD signal child termination handler so 661 ** that we can avoid zombie processes hanging around and 662 ** handle childs terminating before being able to complete the 663 ** handshake. 664 */ 665 #if (defined(SVR4) || defined(hpux) || defined(__hpux) || defined(IRIX) || \ 666 defined(_CRAY) || defined(_AUX_SOURCE) || defined(sco) || \ 667 defined(LINUX)) 668 signal(SIGCHLD, SIG_IGN); 669 #else 670 signal(SIGCHLD, child_handler); 671 #endif 672 673 set[0].fd = 0; 674 set[0].events = POLLIN; 675 676 /* 677 ** Loop and dispatch client handling processes 678 */ 679 do 680 { 681 #ifdef USE_SIGALARM 682 /* 683 ** Terminate if we've been idle for 'timeout' seconds 684 */ 685 if (background_flag == 2 && timeout) 686 { 687 signal(SIGALRM, alarm_handler); 688 alarm(timeout); 689 } 690 #endif 691 692 /* 693 ** Wait for a connection request to occur. 694 ** Ignore EINTR (Interrupted System Call). 695 */ 696 do 697 { 698 #ifndef USE_SIGALARM 699 if (timeout) 700 nfds = poll(set, 1, timeout * 1000); 701 else 702 #endif 703 nfds = poll(set, 1, INFTIM); 704 } while (nfds < 0 && errno == EINTR); 705 706 /* 707 ** An error occurred in select? Just die 708 */ 709 if (nfds < 0) 710 ERROR("main: poll"); 711 712 /* 713 ** Timeout limit reached. Exit nicely 714 */ 715 if (nfds == 0) 716 exit(0); 717 718 #ifdef USE_SIGALARM 719 /* 720 ** Disable the alarm timeout 721 */ 722 alarm(0); 723 #endif 724 725 /* 726 ** Accept the new client 727 */ 728 sadlen = sizeof(sad); 729 errno = 0; 730 fd = accept(0, &sad, &sadlen); 731 if (fd == -1) 732 ERROR1("main: accept. errno = %d", errno); 733 734 /* 735 ** And fork, then close the fd if we are the parent. 736 */ 737 child_pid = fork(); 738 } while (child_pid && (close(fd), 1)); 739 740 /* 741 ** We are now in child, the parent has returned to "do" above. 742 */ 743 if (dup2(fd, 0) == -1) 744 ERROR("main: dup2: failed fd 0"); 745 746 if (dup2(fd, 1) == -1) 747 ERROR("main: dup2: failed fd 1"); 748 749 if (dup2(fd, 2) == -1) 750 ERROR("main: dup2: failed fd 2"); 751 } 752 753 /* 754 ** Get foreign internet address 755 */ 756 len = sizeof(sin); 757 if (getpeername(0, (struct sockaddr *) &sin, &len) == -1) 758 { 759 /* 760 ** A user has tried to start us from the command line or 761 ** the network link died, in which case this message won't 762 ** reach to other end anyway, so lets give the poor user some 763 ** errors. 764 */ 765 perror("in.identd: getpeername()"); 766 exit(1); 767 } 768 769 faddr = sin.sin_addr; 770 771 772 #ifdef STRONG_LOG 773 if (syslog_flag) 774 syslog(LOG_INFO, "Connection from %s", gethost(&faddr)); 775 #endif 776 777 778 /* 779 ** Get local internet address 780 */ 781 len = sizeof(sin); 782 #ifdef ATTSVR4 783 if (t_getsockname(0, (struct sockaddr *) &sin, &len) == -1) 784 #else 785 if (getsockname(0, (struct sockaddr *) &sin, &len) == -1) 786 #endif 787 { 788 /* 789 ** We can just die here, because if this fails then the 790 ** network has died and we haven't got anyone to return 791 ** errors to. 792 */ 793 exit(1); 794 } 795 laddr = sin.sin_addr; 796 797 798 /* 799 ** Get the local/foreign port pair from the luser 800 */ 801 parse(stdin, &laddr, &faddr); 802 803 exit(0); 804 } 805